﻿<?php
session_start();
require_once "config.php";
$truoc="";
if (isset($_SESSION['uid']))
	$uid=$_SESSION['uid'];
else {
	if (isset($_POST['m'])) {
		$sql="select * from users where mat='".$_POST['m']."'";
		$result=mysql_query($sql);
		if ($rows=mysql_num_rows($result)) {
			$truoc="?m=".$_POST['m'];
			if ($rows>1) $uid=0;
			else {
				$row=mysql_fetch_array($result);
				$uid = $row['id'];
			}
		} else $uid=0;
	} else
		$uid=0;
}
if (isset($_POST['newtask'])) {
	$viecmoi=$_POST['newtask'];
	if (strlen($viecmoi)>5) {
		$sql="insert into viec (user,ndung,ngay,trang) value ($uid,'$viecmoi',NOW(),1);";
		$result=mysql_query($sql);
		echo "OK";
		redirect("index.php".$truoc,1);
	} else {
		echo "SHORT";
	}
} else {
	echo "FAIL";
}
function retain($str,$kitu) {
	$len = strlen($str);
	$sret="";
	for ($i=0; $i<$len; $i++) {
		if (strpos($kitu,substr($str,$i,1))!==false) 
			$sret .= substr($str,$i,1);
	}
	return $sret;
}
function redirect($location, $delaytime = 0) {
    if ($delaytime>0) {    
        header( "refresh: $delaytime; url='".str_replace("&amp;", "&", $location)."'" );
    } else {
        header("Location: ".str_replace("&amp;", "&", $location));
    }    
}
?>

